WCO Customs Risk Management Compendium

 
WCO Customs Risk Management Compendium
WCO Customs
Risk Management
  Compendium
WCO Customs Risk Management Compendium
WCO Customs Risk Management Compendium
TABLE OF CONTENTS

FOREWORD.................................................................................................................................................... V

EXECUTIVE SUMMARY............................................................................................................................... VI

I.     INTRODUCTION.................................................................................................................................. VIII

II.    GLOSSARY.............................................................................................................................................. X

III. VOLUME 1............................................................................................................................................... 1

       1. RISK MANAGEMENT IN THE CUSTOMS CONTEXT................................................................. 3
             Changing operating environment..................................................................................................... 3
             Compliance management approach................................................................................................ 4

       2. DEVELOPING AN ORGANIZATIONAL FRAMEWORK FOR MANAGING RISK...................... 7
             Overview............................................................................................................................................. 7
             Mandate and commitment................................................................................................................ 7
             Design of framework for managing risk.......................................................................................... 8
             Implementing risk management.................................................................................................... 13
             Monitoring and review of the framework....................................................................................... 20
             Continual improvement of the framework..................................................................................... 21
             Summary......................................................................................................................................... 21

       3. EMBEDDING RISK MANAGEMENT AS AN ORGANIZATIONAL CULTURE........................ 22
             Risk management maturity............................................................................................................ 22
             Example of a risk management maturity model........................................................................... 23

       4. CONCLUSION................................................................................................................................ 27

       5. BIBLIOGRAPHY............................................................................................................................ 29

       6. ANNEXES....................................................................................................................................... 31
             ANNEX 1: RISK MANAGEMENT TECHNIQUES AND TOOLS......................................................... 31
             ANNEX 2: COMPLIANCE MEASUREMENT.................................................................................... 38
             ANNEX 3: APEC RISK MANAGEMENT PROCESS SELF-ASSESSMENT....................................... 41
             ANNEX 4: RISK ASSESSMENT/TARGETING CENTRES................................................................. 46
             ANNEX 5: CASE STUDIES BY MEMBERS....................................................................................... 48

IV. VOLUME 2 (Restricted, for Members only)......................................................................................... 1

       1. RISK ASSESSMENT, PROFILING AND TARGETING.............................................................1-1

       2. RISK INDICATORS.......................................................................................................................2-1
             2.1 General High-Risk Indicators.............................................................................................. 2.1-1
             2.2 Standardized Risk Assessments, Model Risk Indicators/Profiles..................................... 2.2-1
             2.3 Maritime-Cargo Risk Indicators and Manuals (Incoming Sea Containers)....................... 2.3-1

                                                                                                                    TABLE OF CONTENTS                                 III
WCO Customs Risk Management Compendium
2.3.1 Pre-arrival phase....................................................................................................2.3.1-1
                 2.3.2 Arrival phase...........................................................................................................2.3.2-1
                 2.3.3 Post-arrival phase..................................................................................................2.3.3-1
          2.4 Air-Cargo Risk Indicators and Manuals.............................................................................. 2.4-1
                 2.4.1 Pre-arrival phase....................................................................................................2.4.1-1
                 2.4.2 Arrival phase...........................................................................................................2.4.2-1
                 2.4.3 Post-arrival phase..................................................................................................2.4.3-1
          2.5 Land-Cargo Risk Indicators and Manuals........................................................................... 2.5-1
                 2.5.1 Arrival phase...........................................................................................................2.5.1-1
                 2.5.2 Post-arrival phase..................................................................................................2.5.2-1
          2.6 Handbook for Customs Officers on Risk Indicators: Factors for Intellectual
          Property Infringement................................................................................................................ 2.6-1

     3. ANALYSIS GUIDELINES.................................................................................................. 3-1

     4. INFORMATION AND INTELLIGENCE.......................................................................................4-1
          4.1 Global Information and Intelligence Strategy......................................................................4.1-1
          4.2 National Information and Intelligence Strategy...................................................................4.2-1

IV          TABLE OF CONTENTS                                                                                                                            
FOREWORD

                           W     e live in an extremely fast moving world where global trade is funda-
                                 mental to economic growth and social development. A stable trading
                           environment enables economies to reap many benefits which can impact
                           positively on society and the way people live.
                           Customs plays a significant role in ensuring that global trade meets regulatory
                           requirements and conforms to national laws. Changes in the strategic land-
                           scape of Customs’ operating environment and long-term growth in trade and
                           travel volumes have affected the way Customs administrations are managed
                           and approach their tasks.
New government priorities, along with emerging challenges at the border, have led many administrations
to seek a more structured and systematic way to manage risk. Today, Customs is required to address risk
wherever it is found and increasingly as early in the supply chain as possible.
Together with other key buildings blocks outlined in the WCO’s Customs in the 21st Century strategic
vision, and standards and guidelines contained in the revised Kyoto Convention and the SAFE Framework
of Standards, the application of risk management is a critical element that underpins all modern Customs
administration.
Increased automation and the submission of more comprehensive information earlier in the supply chain
has enabled Customs to improve risk assessment and deployment of targeted Customs controls concen-
trated on the high-risk end of the risk continuum.
Corresponding effective and efficient controls in turn give Customs the opportunity to facilitate low-risk
movements and promote key government goals relating to the facilitation of trade and travel.
The Members and Secretariat of the WCO, in partnership with their private sector and academic partners,
have worked hard to gather and consolidate the latest knowledge on risk into this new WCO Customs Risk
Management Compendium; a practitioners guide that includes best practices, useful case studies and
real-life examples from around the world.
Being a living document, the Compendium will be continuously updated to reflect the latest developments
in risk management and WCO Members’ best practices. This will ensure that it remains relevant and indis-
pensable to the global Customs community.
We hope that widespread use of this reference tool will lead to improved Customs controls and enhanced
facilitation of cross-border flows of goods, people and conveyances.

Kunio Mikuriya
Secretary General
World Customs Organization

                                                                                FOREWORD                    V
EXECUTIVE SUMMARY

     C   ustoms administrations should aim for a
         reasonable and equitable balance between
     ensuring compliance, and minimizing disruption
                                                            For risk management to be effective, it needs to
                                                            be embedded as an organizational culture and
                                                            be part of the way Customs runs its business.
     and cost to legitimate trade and the public. Through   Anecdotal experience provided by Members indi-
     the adoption of a holistic risk-based compliance       cates that it may take several years, and requires
     management approach, optimal levels of both            strong ongoing commitment from managers and
     facilitation and control can be achieved. A key        staff at all levels. Administrations should monitor,
     feature of this approach is to actively “steer” the    review and assess their risk management prac-
                                                            tices and continuously develop them.
     client population towards voluntary compliance
     (low risk) leaving more scarce control resources       At the operational level, Customs administrations
     to be deployed towards the high-risk end of the        are encouraged to implement risk-based control
     risk continuum.                                        procedures that are informed by intelligence and
                                                            information holdings. The aim of these procedures
     A robust organizational risk management frame-
                                                            is to identify reliable operators/persons and low-
     work is one of the preconditions for a risk-based      risk consignments/transactions which may benefit
     compliance management approach. The frame-             from greater facilitation as opposed to those that
     work provides the foundation and organizational        require higher levels of control. The Compendium
     arrangements for risk management, allowing             includes practical and operational tools that allow
     individual risks to be identified, assessed and        Customs to assess, profile and target the flows of
     managed across the organization by empowering          goods, people and means of conveyance that cross
     officers at all levels to make risk-based decisions    international borders and to determine what levels
     in a structured and systematic manner.                 of intervention may or may not be required.

VI             EXECUTIVE SUMMARY                                                                     
   EXECUTIVE SUMMARY   VII
I. INTRODUCTION

   I    nternational trade is a key driver of economic
        growth and development. It raises living stand-
       ards in both developed and developing countries,
                                                                                 the pitfalls of a siloed approach, many adminis-
                                                                                 trations are implementing new business models
                                                                                 and pursuing a more disciplined and structured
       contributes to the reduction of poverty as well                           approach to managing risk.
       as creating a more stable, secure and peaceful
                                                                                 This Compendium provides a common refer-
       world1. Customs administrations play an integral
                                                                                 ence document for the concepts associated with
       role in world commerce. They have the essential
                                                                                 risk management in Customs, and will assist
       task of enforcing the law, collecting duties and
                                                                                 Members in their efforts to develop and imple-
       taxes, providing prompt clearance of goods and
                                                                                 ment an all encompassing administration-wide
       ensuring compliance.2
                                                                                 approach to risk management. The Compendium
       Recently the increased complexity and volume                              builds on the wide range of risk management-
       of international trade, fueled by technological                           related Customs instruments and tools, and
       advances that have revolutionized global trading                          updates and consolidates the work by the WCO,
       practices, have significantly affected the way                            enabling the international Customs community
       Customs administrations carry out their respon-                           to speak as one in relation to the methodology it
       sibilities and organize their business operations.                        uses when managing risk.
       Today Customs is required to provide extensive
                                                                                 The Compendium has five purposes. First, it
       facilitation of trade while maintaining control over
                                                                                 defines some of the key terminology associ-
       the international movement of goods, persons                              ated with risk management. Second, it outlines
       and means of transport. In seeking to achieve a                           the Customs context for managing risk. Third, it
       balance between these goals, Customs has been                             presents the key components of a holistic organi-
       moving away from traditional control methods                              zational risk management approach including
       and adopting new thinking and approaches to                               a systematic methodology for managing risk.
       its tasks.                                                                Fourth, it sets out various techniques and tools
       Customs administrations are increasingly adopting                         for managing risk in practice. Fifth, it presents
       risk management techniques to determine where                             Members’ experiences in risk management in the
       the greatest areas of exposure to risk exist and how                      form of case studies.
       to effectively allocate scarce resources to manage                        The Compendium is comprised of two sepa-
       these risks. This enables the objectives set for                          rate but interlinked volumes. Volume 1 starts by
       Customs by government to be achieved and the                              outlining the changing operating environment and
       expectations of the trading community and citizens                        defines the need to adopt a holistic risk-based
       alike to be met.                                                          compliance management approach that enables
       Risk management is by no means a new invention                            administrations to operate more effectively
       for Customs and it would be true to say that all                          and efficiently and to better meet their objec-
       administrations apply some form of risk manage-                           tives (Chapter 1). It then describes the different
       ment, either formal or informal, in their activi-                         building blocks of an organizational risk manage-
       ties. However, research carried out by the WCO                            ment framework. These building blocks include
       Secretariat indicates that risk management is                             mandate and commitment, risk governance
       sometimes progressed in an ad hoc or intuitive                            arrangements, implementation of risk manage-
       manner and is not necessarily always practised                            ment, monitoring and review, and mechanisms
       in a systematic and structured way3. To overcome                          for continuous learning and development of the

       1. WCO (2008), Customs in the 21st Century Strategy, p. 2.
       2. WCO (1999), RKC GA Guidelines 6 on Customs Controls, p. 5.
       3. According to the Consolidated Results of the SAFE Framework Implementation Survey (June 2010, Annex to Doc. SP0329, p. 9) “The survey
       results clearly indicate that the majority of Members surveyed have generally implemented and invested in automation of risk management.
       A needs analysis seems, however, to indicate that the quality of risk management could be improved and that many administrations still need to
       incorporate risk management as part of the organizational culture and of the decision-making process at all levels of the organization.”

VIII                I. INTRODUCTION                                                                                                    
approach (Chapter 2)4. Embedding risk manage-                               • risk assessment, profiling and targeting;
ment as an organizational culture and building
                                                                            • risk indicators;
risk management capacity in gradual steps are
discussed in Chapter 3. Finally, Chapter 4 briefly                          • analysis; and
summarizes and draws together the key issues                                • information and intelligence.
outlined in Volume 1.
                                                                            The Compendium is a living document and
Volume 2 deals with operational risk manage-                                will be continually updated to reflect the
ment. It includes “enforcement sensitive” material                          latest developments regarding risk manage-
for “Customs only” purposes, including numerous                             ment practices in today’s constantly changing
practical guides and templates for assessing risks in                       Customs operating environment. The responsi-
relation to the movement of goods, people, convey-                          bility for keeping Volume 1 updated resides with
ances, economic operators and other parties to                              the Permanent Technical Committee (PTC),
international trade. The topics covered in Volume 2                         whereas the Enforcement Committee (EC) will
can be categorized into four broad clusters:                                manage the instruments contained in Volume 2.

4. The narrative in this part of the Compendium is closely aligned with International Organization for Standardization (ISO) Standard “31000:2009
Risk management – Principles and guidelines”

                                                                                                   I. INTRODUCTION                                 IX
II. GLOSSARY

    K  ey risk management terms used in the
       Compendium are listed below.
                                                             reviewing and continually improving risk manage-
                                                             ment throughout the organization.
    Information: Any data, whether or not processed          Risk management plan: Scheme within the risk
    or analyzed, and documents, reports, and                 management framework specifying the approach,
    other communications in any format, including            management components and resources to be
    electronic, certified or authenticated copies            applied to the management of risk.
    thereof.
                                                             Risk management policy: Statement of an
    Intelligence: A product, derived from the collec-        administration’s overall intentions and direction
    tion and processing of relevant information, which       regarding risk management.
    acts as a basis for user decision-making.                Risk management process: Systematic appli-
                                                             cation of management policies, procedures and
    Nominal data: All available data related to an
                                                             practices to the activities of documenting, commu-
    identified or identifiable natural (real) and/or legal
                                                             nicating, consulting, establishing the context, and
    person, including but not limited to identification
                                                             identifying, analyzing, evaluating, treating, moni-
    numbers, tax-related numbers (e.g. VAT number),
                                                             toring and reviewing risk.
    and items related to physical identification.
                                                             Risk owner: Person or entity with the account-
    Risk: Effect of uncertainty on objectives.
                                                             ability and authority to manage a risk.
    Risk analysis: Systematic use of available informa-
                                                             Risk matrix: Tool for ranking and displaying risks
    tion to determine how often defined risks may occur
                                                             by defining ranges for consequence and likelihood.
    and the magnitude of their likely consequences.
                                                             Risk profile: Description of any set of risks,
    Risk appetite: Amount and type of risk that an           including a predetermined combination of risk
    administration is willing to pursue or retain.           indicators, based on information which has been
    Risk assessment: Overall process of risk iden-           gathered, analyzed and categorized.
    tification, risk analysis, risk evaluation and           Risk register: An organizational planning docu-
    prioritization.                                          ment identifying the administration’s risks and
    Risk evaluation and prioritization: Process of           allocating risks to risk owners.
    comparing the results of risk analysis with risk         Risk tolerance: An administration’s or stakehold-
    criteria to determine whether the risk and/or its        er’s readiness to bear the risk after risk treat-
    magnitude is acceptable or tolerable.                    ment, in order to achieve its objectives.
    Risk indicators: Specific criteria which, when           Risk treatment: Decision or action taken in
    taken together, serve as a practical tool to select      response to an identified risk.
    and target movements that pose a risk of poten-          Targeting: The selection for examination/audit
    tial non-compliance with Customs laws.                   of a certain consignment, passenger, means of
    Risk management: Coordinated activities by               transport, transaction or entity based on risk
    administrations to direct and control risk.              analysis, profiling, document review, observation
                                                             and questioning techniques.
    Risk management framework: Set of components
    that provide foundation and organizational arrange-         Note: The term “selectivity” is sometimes used
    ments for designing, implementing, monitoring,              instead of “targeting”.

X             II. GLOSSARY                                                                           
You can also read
Next slide ... Cancel